def checkCertificate(cert,keyPublic=crypto.loadPublicKey("TIS")):
if cert.__len__()!=3:
logging.error("Invalid certificate, (Data,PublicKey,Signature)")
return False
if not (crypto.verify_sign(keyPublic,(cert[0]+cert[1]),cert[2])):
logging.error("Signature into certificate not verified")# check this!!!!!
return False#check this!!!!
return True
def getCertificate(self):
logging.debug("Inside getCertificate")
#try to create a socket
logging.debug("Try to create socket")
try:
cli = socket.socket( socket.AF_INET,socket.SOCK_STREAM)
except:
logging.error("Unable to open socket: ")
cli.close()
sys.exit(1)#check this!!!!!
logging.debug("Try to connect at "+str(self.tisHost)+" port "+str(self.tisPort))
try:
cli.connect((self.tisHost, self.tisPort))
except :
logging.error("Unable to establish a connection")
print traceback.print_exc()
cli.close()
sys.exit(1)#check this!!!!!
#TIS+
logging.debug("Try to retrive TIS public key")
try:
tis_public_key=crypto.loadPublicKey('TIS')
except:
logging.error("TIS public Key not found")
cli.close()
sys.exit(1)#check this!!!!!
name=self.txt[0]+self.txt[1]
logging.debug("Creation of keys u and n")
#self.createKeys(name)
#create key pair
user=crypto.generateKeyPair()
crypto.saveKeyPairs(user,name+"_U_")
node=crypto.generateKeyPair()
crypto.saveKeyPairs(node,name+"_N_")
#U-
logging.debug("Try to retrive U-")
try:
user_private_key=crypto.loadKeyPrivate(name+"_U_")
except:
logging.error("User private key not found")
cli.close()
sys.exit(1)#check this!!!!!
#U+
logging.debug("Try to retrive U+")
try:
user_public_key=crypto.loadPublicKey(name+"_U_")
except:
logging.error("User public key non found")
cli.close()
sys.exit(1)#check this!!!!!
#N+
logging.debug("Try to retrive N+")
try:
node_public_key=crypto.loadPublicKey(name+"_N_")
except:
logging.error("Node public key non found")
cli.close()
sys.exit(1)#check this!!!!!
try:
node_private_key=crypto.loadKeyPrivate(name+"_N_")
except:
logging.error("Node private key not found")
cli.close()
sys.exit(1)#check this!!!!!
logging.debug("Try to retrive K")
logging.debug("Try to send first pkt")
try:
temp=self.send_data_signed_encrypted(cli,(self.txt,user_public_key,node_public_key,self.pwd), tis_public_key,user_private_key ,node_private_key)
if (temp==False):
logging.error("Unable to send data")# check this!!!!!
cli.close()
sys.exit(1)
except:
logging.error("Unable to send data")# check this!!!!!
cli.close()
sys.exit(1)
logging.debug("Try to receive first packet")
try:
nonce=self.rcv_data_unsigned_decrypted(cli, tis_public_key,user_private_key )
if not nonce:
logging.error("Unable to receive data")
cli.close()
sys.exit(1)
except:
logging.error("Nonce not valid")
cli.close()
sys.exit(1)
logging.debug("Try crypt nonce")
nonce_c=crypto.encrypt_AES(pickle.dumps(nonce, protocol=1),self.K,'00000000000000000000000000000000')
try:
nonce_c=crypto.encrypt_AES(pickle.dumps(nonce, protocol=1),self.K,'00000000000000000000000000000000')
except:
logging.error("Unable to encrypt under K")
cli.close()
sys.exit()
logging.debug("Try to send nonce")
try:
temp=self.send_data_signed_encrypted(cli,nonce_c, tis_public_key,user_private_key)
if temp==False:
logging.error("Unable to send data")# check this!!!!!
cli.close()
sys.exit(1)
except:
logging.error("Unable to send data")# check this!!!!!
cli.close()
sys.exit(1)
# receiving credentiality
#data_received = cli.recv(BUFSIZE)
#self.BUFSIZE=10240
logging.debug("Try to receive certificate")
cert=self.rcv_data_unsigned_decrypted(cli, tis_public_key, user_private_key)
logging.debug("Saving certificate")
(uidcert,nidcert, DHTLcert)=cert
#self.BUFSIZE=1024
#
#logging.debug("Try to receive certificate")
#cert=self.rcv_data_unsigned_decrypted(cli, tis_public_key, user_private_key)
#logging.debug("Saving certificate")
logging.debug("Try to receive data of Core Node")
#try:
#Receiving core node data for the first friendship in one hope
self.CN=self.rcv_data_unsigned_decrypted(cli, tis_public_key,user_private_key )
pkeyBoot = self.CN[1][1] #esko: Receive nodeid,node public key from TIS
nidBoot = self.CN[1][0].encode('hex')
tis_cert = self.CN[1][2]
uidBoot = self.CN[0][0].encode('hex')
bootAddress = self.CN[2]
f=open('conf'+sep+'nodes.dat',"w")
f.write(bootAddress + " 5000 4000 1 " + nidBoot)
f.close()
f=open('mypem/'+nidBoot+'_N_PKey.pem',"w")
f.write(pkeyBoot)
f.close() #esko end
if not self.CN:
logging.error("Unable to receive CN")
cli.close()
sys.exit(1)
#I need cert of user and cert of node
if self.CN.__len__()!=3:
logging.error("Invalid data, i need two certificate of core node, user and node ")
cli.close()
sys.exit(1)
if not functions.checkCertificate(self.CN[0],tis_public_key):
logging.error("Invalid data, User certificate not valid ")
cli.close()
sys.exit(1)
if not functions.checkCertificate(self.CN[1],tis_public_key):
logging.error("Invalid data, Node certificate not valid ")
cli.close()
sys.exit(1)
try:
socket.inet_aton(self.CN[2])
#TONY
#print"cn[2] = "
#print self.CN[2]
except socket.error:
logging.error("Invalid data, IP adress of core node not valid ")
cli.close()
sys.exit(1)
f=open(constants.uid_filename,"w")
f.write(uidcert[0].encode('hex'))
f.close()
f=open(constants.nid_filename,"w")
f.write(nidcert[0].encode('hex'))
f.close()
#if not os.path.exists(constants.dhtfolder):
# os.makedirs(constants.dhtfolder)
f2=open(constants.dhtfolder+os.sep+'DATA_'+uidcert[0].encode('hex'),"wb")
lookUpData, cert_user, cert_node, friend_badge, online, ip_addr, trust = self.txt,uidcert,nidcert,None,False,'',1
users = FRE(lookUpData, cert_user, cert_node, friend_badge, online, ip_addr, trust, "FRIENDSHIP_ESTABLISHED",[])
certs_this_user = DHTLcert
certs_this_user += [uidcert]
cert_dhtlkeys = []
cert_dhtlkeys += certs_this_user
#saving the property list into a list into a structure ofa log calss
names = ['name', 'surname', 'birth year', 'birth place', 'nationality']
#[self.proplist.append((self.txt[i],DHTLcert[i])) for i in xrange(0,(names.__len__()))]
#proplist=proplist[:3]+(male,)+proplist[3:]
c=DHTLcert
self.proplist=[]
j=0
for i in range(0,len(self.txt)):
if i != 2:
self.proplist.append([self.txt[i],c[j]])
j+=1
else:
self.proplist.append([self.txt[i],None])
#Adding empty property for ( mail, fixedtel, mobiletel, company, department, role, companymail, companytel, companymobiletel)
for i in range(7,16):
self.proplist.append(["",None])
#adding the avatar
f_avatar = open(self.avatar_name, 'rb' )
binaryObject = f_avatar.read()
f_avatar.close()
self.proplist.append([b64encode(binaryObject),None])
cta_box = {}
d={}
f2.write(str(b64encode(pickle.dumps(d, 2)))+"#")
f2.write(str(b64encode(pickle.dumps(users, 2)))+"#")
f2.write(str(b64encode(pickle.dumps(cert_dhtlkeys, 2)))+"#")
f2.write(str(b64encode(pickle.dumps(cta_box, 2)))+"#")
# pickle.dump(d, f2, 2)
# pickle.dump(users, f2, 2)
# pickle.dump(cert_dhtlkeys, f2, 2)
# pickle.dump(cta_box, f2, 2)
f2.close()
datamanager.createDatabase(uidcert[0].encode('hex'))
datamanager.addPPIEntry(uidcert[0].encode('hex'), self.txt, self.avatar_name)
db_filename = databaseNamePrefix +uidcert[0].encode('hex') + databaseNameExtension
db_filename2 = databaseNamePrefix + uidcert[0].encode('hex') + databaseNameExtension
conn = sqlite3.connect(db_filename)
conn2 = sqlite3.connect(db_filename2)
conn.isolation_level = None
conn2.isolation_level = None
c = conn.cursor()
c2 = conn2.cursor()
#c.execute(ppiInsertionQuery)
#conn.commit()
FDR = {}
DDR = {}
signedObject = [1]+[uidcert]+self.proplist + [crypto.sign(user_private_key, pickle.dumps([uidcert[0],uidcert]+self.proplist, pickle.HIGHEST_PROTOCOL))]
# randomID = random.randint(0, 100000)
# FDR[uidcert[0].encode('hex')] = [FDE(1, 0, 1, signedObject)]
# DDR[randomID] = DDE(uidcert[0].encode('hex'), 0, 0)
# c.execute("INSERT INTO BBB (id, data) VALUES (1, ?)", (str(b64encode(pickle.dumps(FDR, pickle.HIGHEST_PROTOCOL))),))
c.execute('INSERT INTO FDR(UIDOWNER,Key_ID,DID,FCOUNT,Fr_ESDT) VALUES (?, ?,?, ?,?)', (uidcert[0].encode('hex'),0,1,1,b64encode(pickle.dumps(['PPI',1,0,signedObject]))))
# c2.execute("INSERT INTO AAA (id, data) VALUES (1, ?)", (str(b64encode(pickle.dumps(DDR, pickle.HIGHEST_PROTOCOL))),))
conn.commit()
c.close()
conn.close()
conn2.commit()
c2.close()
conn2.close()
crypto.saveKeyPairs(user, uidcert[0].encode('hex')+'_U_')
crypto.saveKeyPairs(node, nidcert[0].encode('hex')+'_N_')
f3=open(constants.bor_file,"wb")
print self.CN[2]
pickle.dump([self.CN[0],self.CN[1],self.CN[2],self.proplist],f3,pickle.HIGHEST_PROTOCOL)
#pickle.dump([self.CN[0],self.CN[1],self.ipmap.get(self.CN[2]),self.proplist],f3,pickle.HIGHEST_PROTOCOL)
f3.close()
logging.debug("Removing old keys")
os.remove('mypem'+os.sep+name+'_U_Keys.pem')
os.remove('mypem'+os.sep+name+'_U_PKey.pem')
os.remove('mypem'+os.sep+name+'_N_Keys.pem')
os.remove('mypem'+os.sep+name+'_N_PKey.pem')
cli.close()
return cert